https://bugzilla.redhat.com/show_bug.cgi?id=1271193 --- Comment #4 from Mikolaj Izdebski <mizdebsk@xxxxxxxxxx> --- I share doubts wit Gil. I remember that code from OSGi Alliance used to be non-free and that's why we don't ship any code from them in Fedora. The tarball used in SRPM under review indicates that it may be free software, but it's questionable whether it's genuine and what are the actual licensing terms. Michael, is it possible to obtain the same source code directly from upstream, bypassing Maven Central? Upstream download page may reveal more details helpful in the review and will help making sure that the code is genuine. -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/package-review